Exchange 2013 Malware Protection - Part 2
- Alexander Zammit Jan 22, 2013
The Exchange 2013 Management Shell provides a number of scripts and cmdlets for administering Malware Protection. When it comes to managing filter updates or enabling/disabling the filter the shell is our only administrative interface.
Exchange 2013 Malware Protection - Part 1
- Alexander Zammit Dec 18, 2012
Since Exchange 2003 we grew to expect basic email hygiene to be include out-of-the-box in every new Exchange release. Today we look at the way Exchange 2013 is evolving in this area starting from the new malware protection.
Exchange Server 2010 Role Based Access Control (RBAC)
- Tariq M. Jaber Jun 29, 2010
In this Article I’ll talk about Role Based Access Control (RBAC), the new permission granting model introduced in Exchange Server 2010. Using RBAC we grant administrators the exact set of permissions required, without handing any additional rights.
Sniffing User Credentials and more
- Alexander Zammit Mar 12, 2009
Network sniffing provides a plethora of information useful in troubleshooting and identifying security weaknesses. Today we look at a practical example by extracting user credentials from a network capture.
Sniffing with Microsoft Network Monitor
- Alexander Zammit Feb 17, 2009
If the Exchange Queue Viewer or Message Tracking is not showing you enough, the Microsoft Network Monitor might be the right addition to your diagnostic and troubleshooting arsenal. Here is how to start capturing the information most relevant to you.
Plain Text Authentication Exposed
- Alexander Zammit Sep 06, 2007
Exchange allows the use of plain text authentication for inbound and outbound SMTP email. Employing telnet we test for the availability of this authentication method, and expose its key weakness.
- Alexander Zammit Aug 30, 2007
The value of our virtual identity grows with every service we subscribe to. Acting as a bridge between the real and virtual world, Authentication is there to verify the credentials linking us to our virtual identity.
Four Exchange Vulnerabilities Fixed on Patch Tuesday
- Alexander Zammit May 09, 2007
Microsoft just released details and fixes for four vulnerabilities affecting Exchange versions 2000, 2003 and 2007. The vulnerability classification varies from Important to Critical, demanding immediate action.
Using IIS Lockdown to Tighten Exchange
- Andrew Z. Tabona May 08, 2007
Internet Information Services 5.0 includes services Exchange doesn't require to function properly. Being enabled by default, these pose a security risk. Today we use IIS Lockdown to limit the exposed services.
Time to Trash the Outlook Security Administrative Package
- Alexander Zammit Jun 27, 2006
Do you hate the Outlook Security Administrative Package (AdmPack)? Six years from the birth of the Outlook Security lockdown a new administrative interface is on the horizon.
MS06-019 Critical Fix Brings Changes in Granting of Mailbox Access
- Kenneth Spiteri May 10, 2006
The MS06-019 critical fix demands immediate action. Blocking the danger of remote code execution cannot but take the highest priority. Nevertheless extra care is required as the update also brings important changes in granting mailbox access.
Tar Pitting Directory Harvesting Attacks
- Alexander Zammit Mar 22, 2006
Exchange 2003 Recipient Filtering can eliminate spam addressed to invalid recipients. Nevertheless unless we are careful this can make us easier target for directory harvesting attacks.
Is MS05-048 an Important or Critical Exchange Security Update?
- Alexander Zammit Oct 12, 2005
The severity of bulletin MS05-048 CDO Remote Code Execution vulnerability is being classified as Important. Nevertheless this in reality is a Critical update for many Exchange 2000 Organizations.
- Alexander Zammit Sep 06, 2005
Email is the number one delivery channel for spam, phishing scams, viruses, and other maleware. Various tricks are employed in order to ensure most emails reach their target recipient. Today we look at the latest phishing scam in order to highlight the set of tricks it adopts.
MS05-021 PoC exploit code released
- Alexander Zammit Apr 21, 2005
Just a week following the release of MS05-021, proof of concept exploit code was published by FrSIRT, the French Security Incident Response Team.
Critical and Moderate Exchange Updates
- Alexander Zammit Apr 13, 2005
Microsoft just released fixes for vulnerabilities within Exchange 2000 and Exchange 2003. The vulnerability could enable an attacker to take complete control of the system.
Exchange 2003 DoS Attack
- Kenneth Spiteri Mar 14, 2005
Problems with folder handling cause the Exchange Information Store service to stop responding.